Each vRealize Automation appliance includes a connector that supports user authentication, although only one connector is typically configured to perform directory synchronization.

To support Directories Management high availability, you must configure a second connector that corresponds to your second vRealize Automation appliance. That second connector connects to the same Identity Provider and, through VMware Identity Manager, points to the same Active Directory instance. With this configuration, if one appliance fails, the other can take over management of user authentication.

In a high availability environment, all nodes must serve the same set of users, authentication methods, and other Active Directory constructs. The most direct method to accomplish this is to promote the Identity Provider to the cluster by setting the load balancer host as the Identity Provider host. With this configuration, all authentication requests are directed to the load balancer, which forwards the request to either connector as appropriate.

1. Log in to the vRealize Automation Rainpole portal.

   a. Open a Web browser and go to https://vra01svr01.rainpole.local/vcac/org/rainpole.

   b. Log in using the following credentials.

      | Setting | Value |
      |---|---|
      | User name | ITAC-LocalRainpoleAdmin |
      | Password | itac-localrainpoleadmin_password |
      | Domain | vsphere.local |

2. Navigate to Administration > Directories Management > Identity Providers.

3. Click the name of the identity provider WorkspaceIDP__1 to edit its settings.

4. Under Connector(s), specify the following settings and click Add Connector.

   | Setting | Value |
   |---|---|
   | Add a Connector | vra01svr01b.rainpole.local |
   | Bind DN Password | svc-vra_password |
   | Domain Admin Password | domain_admin_password |

   Wait until vra01svr01b.rainpole.local shows under Connector(s) before proceeding to the next step. This might take a few minutes.

5. In the IdP Hostname text box, enter vra01svr01.rainpole.local, the host name of the load balancer, and click Save.

6. Log out of the vRealize Automation portal.